Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft
File:                     p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft (raw, json)
Hash identifier:          iIHiyWMO223Ci3KqNJJDqxyBp88Y3wn6D7CwvtImaT0=
Subject key identifier:   03:36:2A:21:8E:1B:21:21:78:BF:7D:D8:E2:00:61:53:3A:E8:1F:EC
Authority key identifier: A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0
Certificate issuer:       /CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
Certificate serial:       01987306E966B933665A63A9BD2B6BA15A1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft
Manifest number:          1351
Signing time:             Mon 04 Aug 2025 03:01:29 +0000
Manifest this update:     Mon 04 Aug 2025 03:01:29 +0000
Manifest next update:     Tue 05 Aug 2025 03:01:29 +0000
Files and hashes:         1: BzSGdKXS_5WRE8i4u-1soKeFtzM.roa (hash: vrT1E18BTpX1mS9gu66zvt/nerXMjovuRA/4FT5P190=)
                          2: p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl (hash: 8mRXjVb82py1Oq27zWPLM5/pRRWo6y+V57X23gSmhOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:06:e9:66:b9:33:66:5a:63:a9:bd:2b:6b:a1:5a:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
        Validity
            Not Before: Aug  4 03:01:29 2025 GMT
            Not After : Aug  5 03:01:29 2025 GMT
        Subject: CN=03362a218e1b212178bf7dd8e20061533ae81fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:32:b9:79:fc:59:2a:bc:4a:8f:31:09:9a:6d:
                    e9:25:c2:a5:bb:46:74:24:f0:aa:e3:94:43:d3:65:
                    80:bb:b2:1a:c5:6f:c3:0e:fe:a6:77:bb:30:ed:cf:
                    cf:c7:7b:15:bf:ca:73:36:93:d7:16:48:89:87:bc:
                    0a:71:b6:d3:9b:e9:0a:ba:15:12:7a:48:31:f8:7e:
                    d5:7f:2e:d2:07:04:57:b7:80:b1:11:cf:f6:b9:ef:
                    94:26:d6:cb:d1:1b:cf:73:60:94:1f:cd:3b:fd:b8:
                    c4:31:de:f8:57:23:7c:06:23:be:38:34:d2:b4:84:
                    3e:ee:b9:32:cd:a9:83:ef:44:88:60:fc:71:b2:f0:
                    db:e5:01:e5:0d:2f:da:25:38:c0:02:e8:b7:a9:d9:
                    63:62:92:91:8f:6c:b8:8f:03:b5:c2:04:fa:2b:9f:
                    a1:97:b1:6a:3c:ed:a1:35:6f:dd:1e:ed:3f:0f:61:
                    78:4e:5c:61:d5:f8:03:a1:2f:51:99:3c:36:62:9b:
                    29:47:bd:20:ef:4b:1e:ce:de:91:12:37:89:22:cb:
                    1a:56:ce:32:7d:a5:f8:0d:c4:fe:7c:0b:d0:c8:32:
                    9e:46:a1:33:37:71:c0:f7:7a:5a:8b:74:69:6c:a7:
                    b5:bd:93:c7:f7:98:c5:6e:83:ea:7d:ec:fa:6b:ff:
                    d8:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:36:2A:21:8E:1B:21:21:78:BF:7D:D8:E2:00:61:53:3A:E8:1F:EC
            X509v3 Authority Key Identifier:
                keyid:A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:72:4f:bd:3e:8b:ef:8f:ef:a2:c5:ac:aa:59:d3:02:36:59:
         8d:1b:28:a4:f1:7b:d2:33:e2:21:82:0b:5c:8d:41:74:53:20:
         3b:42:1c:49:66:f4:ac:78:a6:d4:9a:af:2e:8e:c4:bf:7e:8e:
         42:f8:69:d7:95:1b:d2:52:64:99:2d:00:26:a2:31:eb:77:01:
         a3:c1:72:5e:80:28:f7:2f:3c:24:44:18:cf:5d:47:46:88:0a:
         d3:d4:db:06:84:a0:50:7c:98:4d:c9:c7:b8:39:e2:52:04:09:
         dd:e6:16:07:ec:a2:a3:a1:2e:39:09:1b:50:5c:15:cf:e5:02:
         ee:0c:7e:2d:17:46:6a:55:84:0e:99:b9:b6:ff:c7:1f:a0:ce:
         6b:bc:26:58:dd:5c:2d:5f:55:c2:2d:03:57:65:a4:66:ed:79:
         b6:4c:63:5d:e2:d0:88:1d:73:04:c4:f0:d6:34:27:6f:2b:7b:
         60:1f:ed:d8:d2:13:b0:ee:90:14:31:4d:f1:01:e9:3f:49:aa:
         1b:37:7e:60:59:51:b7:87:82:b0:09:be:72:9d:ea:64:4f:41:
         58:89:03:a0:92:81:9f:bb:52:28:5a:cf:a7:2a:b6:53:fe:55:
         75:8b:a5:44:1b:c0:e9:1a:c4:04:d7:0a:9c:0a:5b:e6:ea:7e:
         d3:fb:e4:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzBulmuTNmWmOpvStroVoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjRhMjZmNzYzNTUxNDBhYTY5NmUwYTRmMWYwYzMxMmI3
Mjc3YzAwHhcNMjUwODA0MDMwMTI5WhcNMjUwODA1MDMwMTI5WjAzMTEwLwYDVQQD
EygwMzM2MmEyMThlMWIyMTIxNzhiZjdkZDhlMjAwNjE1MzNhZTgxZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTK5efxZKrxKjzEJmm3pJcKlu0Z0
JPCq45RD02WAu7IaxW/DDv6md7sw7c/Px3sVv8pzNpPXFkiJh7wKcbbTm+kKuhUS
ekgx+H7Vfy7SBwRXt4CxEc/2ue+UJtbL0RvPc2CUH807/bjEMd74VyN8BiO+ODTS
tIQ+7rkyzamD70SIYPxxsvDb5QHlDS/aJTjAAui3qdljYpKRj2y4jwO1wgT6K5+h
l7FqPO2hNW/dHu0/D2F4Tlxh1fgDoS9RmTw2YpspR70g70sezt6REjeJIssaVs4y
faX4DcT+fAvQyDKeRqEzN3HA93pai3RpbKe1vZPH95jFboPqfez6a//YWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAM2KiGOGyEheL992OIAYVM66B/sMB8GA1UdIwQY
MBaAFKdkom92NVFAqmluCk8fDDErcnfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYt
ZmZhNDk1MGExY2NiLzEvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYtZmZhNDk1MGExY2Ni
LzEvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApXJPvT6L
74/vosWsqlnTAjZZjRsopPF70jPiIYILXI1BdFMgO0IcSWb0rHim1JqvLo7Ev36O
Qvhp15Ub0lJkmS0AJqIx63cBo8FyXoAo9y88JEQYz11HRogK09TbBoSgUHyYTcnH
uDniUgQJ3eYWB+yio6EuOQkbUFwVz+UC7gx+LRdGalWEDpm5tv/HH6DOa7wmWN1c
LV9Vwi0DV2WkZu15tkxjXeLQiB1zBMTw1jQnbyt7YB/t2NITsO6QFDFN8QHpP0mq
Gzd+YFlRt4eCsAm+cp3qZE9BWIkDoJKBn7tSKFrPpyq2U/5VdYulRBvA6RrEBNcK
nApb5up+0/vkow==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:59 2025 by rpki-client